<?php
/**
 * 帐号 CURD 操作
 *
 * @author     mole <mole1230@gmail.com>
 * @version    $Id: AdminController.php 86 2011-01-13 09:23:11Z mole1230 $
 */
class AdminController extends XController
{	
	public function filters()
	{
		$filters = parent::filters();
		$filters[] = 'authorize';
		
		return $filters;
	}
	
	/**
	 * 对进行数据表更新操作进用户等级控制
	 * 
	 * @param CFilterChain $filterChain
	 */
	public function filterAuthorize($filterChain)
	{
		if ($this->user->id != Admin::SUPER_ADMIN_ID) {
			$act = $this->getAction()->getId();
			$update = array('update', 'delete', 'password');
			$create = array('create');
			if (in_array($act, $update)) {
				$id = $_GET['id'];
				$model = $this->loadModel($id);
				if ($this->user->admin_role_id <= $model->admin_role_id) {
					throw new CHttpException(403);
				}
			} else if (in_array($act, $create) && isset($_POST['Admin'])) {
				if ($this->user->admin_role_id <= $_POST['Admin']['admin_role_id']) {
					throw new CHttpException(403);
				}
			}
		}
		
		$filterChain->run();
	}
	
	public function actionIndex()
	{
		if ($this->user->id == Admin::SUPER_ADMIN_ID) {
			$rank = AdminRole::MAX_RANK_ID;
		} else {
			$rank = $this->user->admin_role_id;
		}
		$model = Admin::model()->search($rank);
		$this->render('index', array(
			'model' => $model
		));
	}
	
	public function actionCreate()
	{
		$model = new Admin();
		
		if (isset($_POST['Admin'])) {
			$model->attributes = $_POST['Admin'];
			
			try {
				if ($model->save()) {
					$this->info(Yii::t('code', 'A00002'));
					$this->redirect(array('create'));
				} else {
					$this->error($model->getErrors());
				}
			} catch (CDbException $e) {
				if ($e->getCode() == F::DB_DUPLICATE) {
					// 唯一键冲突
					$this->error(Yii::t('code', 'B10007'));
				} else {
					throw $e;
				}
			}
		}

		$this->render('update', array(
			'model' => $model,
			'roles' => $this->getRoles()
		));
	}
	
	public function actionUpdate($id)
	{
		$model = $this->loadModel($id);

		if (isset($_POST['Admin']) && !$this->hasError()) {
			$model->attributes = $_POST['Admin'];
			if ($model->save()) {
				$this->info(Yii::t('code', 'A00002'));
			} else {
				$this->error($model->getErrors());
			}
		}
		
		$this->render('update', array(
			'model' => $model,
			'roles' => $this->getRoles()
		));
	}
	
	public function actionPassword($id)
	{
		$model = $this->loadModel($id);
		$model->setScenario('password');
		
		if (isset($_POST['Admin']) && !$this->hasError()) {
			$model->attributes = $_POST['Admin'];
			if ($model->save()) {
				$this->info(Yii::t('code', 'A00002'));
			} else {
				$this->error($model->getErrors());
			}
			
			$this->redirect(array('password', array('id' => $id)));
		}
		
		$model->password = null;
		$this->render('passowrd', array(
			'model' => $model
		));
	}
	
	public function actionDelete($id)
	{
		$this->responseJson();
	}
	
	public function actionUnique()
	{
		echo 'true';
	}
	
	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * 
	 * @param int $id the ID of the model to be loaded
	 * @return Admin
	 */
	public function loadModel($id)
	{
		$model = Admin::model()->findByPk((int) $id);
		if ($model === null) {
			throw new CHttpException(404);
		}
		return $model;
	}
	
	public function getRoles()
	{
		if ($this->user->id == Admin::SUPER_ADMIN_ID) {
			$rank = AdminRole::MAX_RANK_ID;
		} else {
			$rank = $this->user->admin_role_id;
		}
		return CHtml::listData(AdminRole::model()
			->search($rank, 999)
			->getData(), 'id', 'honor');
	}
}
